Re: [lopsa-tech] Hit by Ransomware

2014-11-13 Thread David Lang
You also don't know if the records were tampered with. The fact that they were able to encrypt them shows that they had the capability to tamper with them. It's not a likely attack (too much money to be made with the simple approach), but it's possible. David Lang On Thu, 13 Nov 2014, Morgan

Re: [lopsa-tech] Hit by Ransomware

2014-11-13 Thread Bill Bogstad
On Thu, Nov 13, 2014 at 11:47 PM, Tracy Reed wrote: > On Thu, Nov 13, 2014 at 01:56:04PM PST, Bill Bogstad spake thusly: >> I'm not so sure. If the data was encrypted in place (never left his >> systems) then >> it was never disclosed to inappropriate parties and my reading of that >> link is th

Re: [lopsa-tech] Puppet, Chef, Etc

2014-11-13 Thread Craig Cook
>As I understand it, the major contenders are puppet, chef, ansible, and salt. >(And optionally vagrant on top of it all). puppet and chef are similar in features. Good at getting a node to a known state. ansible can do orchestration well. i.e. deploy MyApp means update my DB, change my we

Re: [lopsa-tech] Hit by Ransomware

2014-11-13 Thread Nicholas A Guarino
I had to deal with this yesterday. Not fun. The variant I dealt with was CryptoWall 2.0, and it sounds like that’s what he’s got. It requests $500 in btc, $1000 after 10 days 1. We purchased the bitcoin from Circle. They have quick credit card confirmation and their weekly limit is $500 s

Re: [lopsa-tech] Hit by Ransomware

2014-11-13 Thread Tracy Reed
On Thu, Nov 13, 2014 at 01:56:04PM PST, Bill Bogstad spake thusly: > I'm not so sure. If the data was encrypted in place (never left his > systems) then > it was never disclosed to inappropriate parties and my reading of that > link is that this would not be considered a breach. Not that this >

Re: [lopsa-tech] Hit by Ransomware

2014-11-13 Thread Morgan Blackthorne
My thought would be that if something got into the setup enough to encrypt the files, it could have also transmitted them. On Nov 13, 2014 1:56 PM, "Bill Bogstad" wrote: > On Thu, Nov 13, 2014 at 7:42 PM, Tracy Reed wrote: > > On Thu, Nov 13, 2014 at 10:11:28AM PST, Morgan Blackthorne spake thus

Re: [lopsa-tech] Hit by Ransomware

2014-11-13 Thread Bill Bogstad
On Thu, Nov 13, 2014 at 7:42 PM, Tracy Reed wrote: > On Thu, Nov 13, 2014 at 10:11:28AM PST, Morgan Blackthorne spake thusly: >> I'd be wondering if HIPAA requires him to disclose the breach to his >> clients since it is medical information. > > Yes. > > http://www.hhs.gov/ocr/privacy/hipaa/admini

Re: [lopsa-tech] Puppet, Chef, Etc

2014-11-13 Thread Paul Heinlein
On Thu, 13 Nov 2014, Atom Powers wrote: I have a lot of love for CfEngine3, although I've never used it and don't know anybody who is. I refactored all my cfengine version 2 configs to version 3 a few years ago after Aleksey Tsalolikhin gave a talk locally. It wasn't an easy transition, but

Re: [lopsa-tech] Puppet, Chef, Etc

2014-11-13 Thread Josh Smift
AP> You run Ansible manually, I haven't talked to anybody who runs Ansible AP> on an automatic schedule like Puppet and Chef are typically used. My sense is that the Ansible people think that would be a somewhat odd way to use it. If you didn't make a change, why would you want to run it? If you d

Re: [lopsa-tech] Puppet, Chef, Etc

2014-11-13 Thread Will Dennis
Your questions were ours as well, and the answers to which are exactly why we chose Ansible. We find it equally powerful for ad-hoc tasks (think Fabric/Capistrano) or as a CM system. In the end, you have to do your own research, but having done so, for us Ansible was a clear winner. W. -Or

Re: [lopsa-tech] Puppet, Chef, Etc

2014-11-13 Thread Edward Ned Harvey (lopser)
This might be subjective, or maybe it has a clear answer. Which one is the absolute easiest to learn? Shortest/smallest learning curve, least friction to get people to adopt who have not been exposed?

Re: [lopsa-tech] Puppet, Chef, Etc

2014-11-13 Thread Atom Powers
On Wed, Nov 12, 2014 at 4:42 PM, Edward Ned Harvey (lopser) wrote: > I'd like to build a VM on my local vmware or virtualbox or whatever, and then > essentially clone it to AWS or vice versa... Make some change on a > development machine, test it, and then after it's validated, replicate that

Re: [lopsa-tech] Hit by Ransomware

2014-11-13 Thread Tracy Reed
On Thu, Nov 13, 2014 at 10:11:28AM PST, Morgan Blackthorne spake thusly: > I'd be wondering if HIPAA requires him to disclose the breach to his > clients since it is medical information. Yes. http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/ But if he didn't even have s

Re: [lopsa-tech] Hit by Ransomware

2014-11-13 Thread Morgan Blackthorne
I'd be wondering if HIPAA requires him to disclose the breach to his clients since it is medical information. -- ~*~ StormeRider ~*~ "Every world needs its heroes [...] They inspire us to be better than we are. And they protect from the darkness that's just around the corner." (from Smallville S

Re: [lopsa-tech] Puppet, Chef, Etc

2014-11-13 Thread Paul Heinlein
On Thu, 13 Nov 2014, Leon Towns-von Stauber wrote: As someone else suggested in this thread, start with one file. Choose something simple, that's probably the same or similar on all your hosts, and won't completely break the system if you mess up. For example, ntp.conf. Set up a simple config

Re: [lopsa-tech] Puppet, Chef, Etc

2014-11-13 Thread John Borwick
On Thu, Nov 13, 2014 at 10:17 AM, John Stoffel wrote: > [...] So using chef/puppet/salt/ansible/blueprint all fall down on the > legacy support. But maybe that's just me being too perfectionist > here. But I do want to automate even these Sparc systems, esp the > standalone Oracle servers whic

[lopsa-tech] Hit by Ransomware

2014-11-13 Thread John Quigley
Colleagues, A good friend of mine owns a dental practice whose data was encrypted with ransomware. Apparently all of the primary and backup data were encrypted. I'm getting info secondhand from him and so don't have all the details yet (eg, which OS, which variant of ransomware, etc). They're ask

Re: [lopsa-tech] Puppet, Chef, Etc

2014-11-13 Thread Leon Towns-von Stauber
On Nov 13, 2014, at 7:17 AM, John Stoffel wrote: > This has been an awesome suggestion, and a discussion I've been > following with a lot of enjoyment and hope to actually get off my ass > and start deploying some sort of CM. > > I have compute clusters with identical systems which I'd like to bri

Re: [lopsa-tech] Puppet, Chef, Etc

2014-11-13 Thread Josh Smift
BB> Ansible users. How does everyone handle the SSH and root access parts? BB> I assume you don't have ansible connecting directly as root on the BB> destination servers, you use a regular user. Yep! One question is whether you give that regular user a shared key that all your sysadmins use, or if yo

Re: [lopsa-tech] Puppet, Chef, Etc

2014-11-13 Thread Yves Dorfsman
On 2014-11-13 09:20, Brad Bendily wrote: > Ansible users. How does everyone handle the SSH and root access parts? > I assume you don't have ansible connecting directly as root on the > destination servers, you use a regular user. > Then how do you give that user sudo/root access and provide that user

Re: [lopsa-tech] Puppet, Chef, Etc

2014-11-13 Thread Charles Polisher
Michael Tiernan wrote: > > >Can I ask a question of the {puppet/chef} crowd? > > > >Looking for short answers. How do you handle the building of the system > >from the bare-metal "power on" state until you have a self bootable > >system built and ready for configuration specifics? > > > >I am, adm

Re: [lopsa-tech] Puppet, Chef, Etc

2014-11-13 Thread Hans van der Made
Having played with Puppet from 2008 until present, some remarks from experience: * It's not about scale, but about executable documentation that tells you everything that's non-default about any system * Continuing some task that your colleague was working on is far easier than before * Sharing conf

Re: [lopsa-tech] Puppet, Chef, Etc

2014-11-13 Thread Brad Bendily
Ansible users. How does everyone handle the SSH and root access parts? I assume you don't have ansible connecting directly as root on the destination servers, you use a regular user. Then how do you give that user sudo/root access and provide that user password so the ansible task can execute a root f

Re: [lopsa-tech] Puppet, Chef, Etc

2014-11-13 Thread John Stoffel
> "Edward" == Edward Ned Harvey (lopser) writes: >> From: Edmund White [mailto:ewwh...@mac.com] >> >> Try Blueprint, then - http://devstructure.com/blueprint/ Edward> That. Sounds. Awesome. Will try, thanks for the suggestion. This has been an awesome suggestion, and a discussion I've b